I have a simple application (ie just a "skeleton") using spring-boot-starter-security.
When I use Spring Boot 3.1.4 everything works as expected (cf. here), I see in the console the generated random password and I can use it to login.
However in Spring Boot 3.2.0 I do NOT see a randomly generated password, when I try to login then I get the following error message:
No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken
Can you please help me to fix it? I use this method of login only for local development. The real deployment in the dev/test etc. environment is based of course on SAML2/OIDC, but for local development this method is very useful.
Comment From: philwebb
I just created a project from start.spring.io with "web" and "security" dependencies and it seems to work as expected:
Using generated security password: 5195f9a2-b137-4351-a85e-e8aaed2b3300
This generated password is for development use only. Your security configuration must be updated before running your application in production.
@jornfranke Can you please share a sample project that shows the problem?
Comment From: phxql
Maybe it's because of this? https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-3.2-Release-Notes#auto-configured-user-details-service
Comment From: jornfranke
Thanks for the quick answers. @phxql I think you have a point. There is indeed "spring-security-saml2-service-provider" on the classpath, because my plan was to use Spring profiles to switch between authentication.
I guess I can copy this logic to reproduce the same behaviour? https://github.com/spring-projects/spring-boot/blob/0856e10443c2ca4f977b0fb0dee457415e38fe54/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/servlet/UserDetailsServiceAutoConfiguration.java#L71
Comment From: jornfranke
Yep this worked. Thx all for the quick support.